According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 45.8.124.114 on port… Читать далее Malware / Botnet / Phishing hosting server @45.8.124.114
Malware botnet controllers @91.224.22.76
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 91.224.22.76 on port 443: $ telnet 91.224.22.76 443 Trying 91.224.22.76… Connected to 91.224.22.76. Escape character is… Читать далее Malware botnet controllers @91.224.22.76
Loki botnet controller @172.67.188.53
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.188.53 on port 80 (using HTTP POST): hXXp://samkoproducts.xyz/five/fre.php $ dig +short samkoproducts.xyz 172.67.188.53 Referencing malware binaries (MD5 hash): 0ef11d95ce195cb49efa5bfb435ac0e2 — AV detection:… Читать далее Loki botnet controller @172.67.188.53
top200.live / myopenaccess.live / scholarlyopenaccessjournals.com / opastonline.com (OPast Publishing Group)
The domains in the Subject are sending spam for «OPast Publishing Group», which apparently operates a number of open access journals, and spams scraped, purchased or appended lists to advertise those journals. These SBL listings are for the following items: * The sending IP address 203.86.235.185 (layerstack.com), which also hosts the A record and all… Читать далее top200.live / myopenaccess.live / scholarlyopenaccessjournals.com / opastonline.com (OPast Publishing Group)
spam support (domains)
domain used in spam operation trustsoffers.com… 192.46.236.179
spam emitter @172.105.253.186
Received: from azdazdazd86.onmicrosoft.com (172.105.253.186) Date: Tue, 16 Nov 2021 01:3x:xx +0100 From: «Ultra Wifi Pro» <[]@[].pubblici.net> Subject: The Best Wifi Solution for Low Home Signals | Get it for 50% Off Now!
affiliate spam @insidernewstoday.net
2021-11-16 insidernewstoday.net. 60 IN A 137.184.131.231 Received: from cj6i463.merrell.pl (23.97.251.208) From: Male Enhancement – Granite <cupEU@cupEU.fi> Subject: ❤️ Are you the Man you Could Be? Try Granite!❤️ Date: Sat, 13 Nov 2021 23:4x:xx +0000 http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=[] 34.133.11.23 https://puysegura.com/?E=[]&s1=16&s2=38226 18.236.164.87 https://enadtaerg.com/?E=[]&s1=16&s2=38226&ckmguid=[] 13.52.80.238 https://insidernewstoday.net/male/en/med-journal/v2/granite/?AFID=428015&CID=430234&ADID=2359327&SID=4504&AffiliateReferenceID=[] 208.68.36.33
spam emitters
Received: from s6.megojom.ru (megojom.ru [77.244.217.178]) Date: Tue, 16 Nov 2021 11:3x:xx +0000 From: Aleksandr <info@s6.megojom.ru> Subject: Предложение 77.244.217.178 megojom.ru 77.244.217.179 eseneno.ru 77.244.217.180 derwerer.ru 77.244.217.181 yeremont.ru 77.244.217.182 uwentos.ru
spam support (domains)
domain used in spam operation v8s4xu9wpgmb6awnaptv.us… 162.255.119.220
spam support (domains)
domain used in spam operation beva67pr.com… 192.64.119.124